[U-Boot] [PATCH V4] pytest: add a new test for aes

Philippe Reynes philippe.reynes at softathome.com
Mon Oct 28 18:25:16 UTC 2019 

This commit add a simple test to check that
a text may be ciphered and unciphered. Each
step are checked with the known result.

Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
---
 test/py/tests/test_aes.py | 101 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 101 insertions(+)
 create mode 100644 test/py/tests/test_aes.py

Changelog:
v4:
- use function to clean the code
- add new test to check key and iv corruption

Before, this patch was in a serie accepted, excepted this patch:
v3:
- add unmap_sysmem (thanks Simon)
v2:
- add binary file (key128.bin, iv128.bin and plaintext.bin)

diff --git a/test/py/tests/test_aes.py b/test/py/tests/test_aes.py
new file mode 100644
index 0000000..01d514e
--- /dev/null
+++ b/test/py/tests/test_aes.py
@@ -0,0 +1,101 @@
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2019, Softathome
+
+# Test U-Boot's "aes" command.
+
+import pytest
+
+def test_aes(u_boot_console):
+    """
+    Test the aes command, and validate that it can
+    cipher and uncipher a random data
+    """
+
+    def generate_key_iv_data():
+        # Generate random key
+        output = cons.run_command('random 1000 0x10 0')
+        assert('16 bytes filled with random data' in ''.join(output))
+
+        # Generate random IV
+        output = cons.run_command('random 2000 0x10 0')
+        assert('16 bytes filled with random data' in ''.join(output))
+
+        # Generate random data
+        output = cons.run_command('random 3000 0x20 0')
+        assert('32 bytes filled with random data' in ''.join(output))
+
+    def test_nominal():
+        # Generate random key, iv and data
+        generate_key_iv_data()
+
+        # Encrypt random data
+        output = cons.run_command('aes enc 1000 2000 3000 4000 0x20')
+
+        # Check that ciphered data are different than unciphered data
+        output = cons.run_command('cmp.b 3000 4000 0x20')
+        assert('Total of 0 byte(s) were the same' in ''.join(output))
+
+        # Decrypt ciphered data
+        output = cons.run_command('aes dec 1000 2000 4000 5000 0x20')
+
+        # Check that unciphered data are the same than initial data
+        output = cons.run_command('cmp.b 3000 5000 0x20')
+        assert('Total of 32 byte(s) were the same' in ''.join(output))
+
+    def test_corrupted_key(seed):
+        # Generate random key, iv and data
+        generate_key_iv_data()
+
+        # Encrypt random data
+        output = cons.run_command('aes enc 1000 2000 3000 4000 0x20')
+
+        # Check that ciphered data are different than unciphered data
+        output = cons.run_command('cmp.b 3000 4000 0x20')
+        assert('Total of 0 byte(s) were the same' in ''.join(output))
+
+        # Corrupt the key (simply generate a new one)
+        output = cons.run_command('random 1000 0x10 %d' % seed)
+        assert('16 bytes filled with random data' in ''.join(output))
+
+        # Decrypt ciphered data
+        output = cons.run_command('aes dec 1000 2000 4000 5000 0x20')
+
+        # Check that unciphered data are different than initial data
+        output = cons.run_command('cmp.b 3000 5000 0x20')
+        assert('Total of 32 byte(s) were the same' not in ''.join(output))
+
+    def test_corrupted_iv(seed):
+        # Generate random key, iv and data
+        generate_key_iv_data()
+
+        # Encrypt random data
+        output = cons.run_command('aes enc 1000 2000 3000 4000 0x20')
+
+        # Check that ciphered data are different than unciphered data
+        output = cons.run_command('cmp.b 3000 4000 0x20')
+        assert('Total of 0 byte(s) were the same' in ''.join(output))
+
+        # Corrupt the iv (simply generate a new one)
+        output = cons.run_command('random 2000 0x10 %d' % seed)
+        assert('16 bytes filled with random data' in ''.join(output))
+
+        # Decrypt ciphered data
+        output = cons.run_command('aes dec 1000 2000 4000 5000 0x20')
+
+        # Check that unciphered data are different than initial data
+        output = cons.run_command('cmp.b 3000 5000 0x20')
+        assert('Total of 32 byte(s) were the same' not in ''.join(output))
+
+    cons = u_boot_console
+
+    # Check that the option cmd_aes is enabled in the config
+    if cons.config.buildconfig.get('config_cmd_aes', 'n') != 'y':
+        pytest.skip('aes command not supported')
+
+    # Send a command with no argument ...
+    output = cons.run_command('aes')
+    assert('AES 128 CBC encryption' in ''.join(output))
+
+    test_nominal()
+    test_corrupted_key(666)
+    test_corrupted_iv(666)
-- 
2.7.4

More information about the U-Boot mailing list